2 files changed, 24 insertions, 8 deletions

diff --git a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
index d0c9517..95d2b85 100644
--- a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
+++ b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf
@@ -1,8 +1,9 @@
-# {{ domain }}
-{% for service in internal_services %}
-local-data: "{{ service }}. A {{ loadbalancer_ip }}" 
+{% for meshpoint in mesh.values() %}
+# {{ meshpoint.domain }}
+{% for record in meshpoint.private_records %}
+{% if record["type"] == "A" %}
+local-data: "{{ record['name'] }}. A {{ record['ip'] }}" 
+{% endif %}
+{% endfor %}
 {% endfor %}
 
-# TODO: for lucina.cloud, for now...
-local-zone: "lucina.cloud." redirect
-local-data: "lucina.cloud. A 10.128.0.44"
diff --git a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
index 19af327..0f5af53 100644
--- a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
+++ b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf
@@ -1,5 +1,20 @@
 forward-zone:
   name: "."
-  forward-addr: 1.1.1.1@853#cloudflare-dns.com
-  forward-addr: 1.0.0.1@853#cloudflare-dns.com
+{% for forward_addr in forward_addrs %}
+  forward-addr: "{{ forward_addr }}"
   forward-tls-upstream: yes
+{% endfor %}
+
+{% for meshpoint in mesh.values() %}
+{% if meshpoint.forward_dns %}
+# {{ meshpoint.domain }}
+forward-zone:
+  name: "{{ meshpoint.domain }}"
+  forward-addr: "{{ meshpoint.gateway }}"
+{% endif %}
+{% endfor %}
+
+server:
+{% for meshpoint in mesh.values() %}
+  private-domain: "{{ meshpoint.domain }}"
+{% endfor %}